Linux Analysis Report D1dU3jQ1II

Overview

General Information

Sample Name: D1dU3jQ1II
Analysis ID: 452437
MD5: 8eb94b78afaf9133e68eb9291d58bf9a
SHA1: 86f0205b362ff2262302169c85cb4f4c41468da5
SHA256: e80c77edf8d05dfd7211fdcbe5f8e67a96b5c567430de9c48e9a94c30ec16d3c
Tags: 32 elf mirai powerpc

Detection

Mirai
Score: 72
Range: 0 - 100
Whitelisted: false

Signatures

Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Yara detected Mirai
Sample is packed with UPX
Uses known network protocols on non-standard ports
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample contains only a LOAD segment without any section mappings
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

AV Detection:

Multi AV Scanner detection for submitted file
Source: D1dU3jQ1II Virustotal: Detection: 38%
Source: D1dU3jQ1II ReversingLabs: Detection: 32%

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 124.217.164.38:23 -> 192.168.2.20:34062
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.1.140.162: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 109.193.35.103: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 160.72.96.118: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.12.86.106: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.138.171.218: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.14.240.19: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.99.28.58: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 10.0.201.222: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 117.146.29.109:23 -> 192.168.2.20:55246
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.34.76.40: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 183.250.83.191:23 -> 192.168.2.20:58946
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 62.246.133.7: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.124.134.165: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 27.111.241.222: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 149.224.130.74: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 185.11.194.211: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 79.11.202.165: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 172.252.112.72: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 218.248.162.173: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 80.157.131.61: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 207.135.230.60: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 104.165.103.64: -> 192.168.2.20:
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 196.50.102.25:23 -> 192.168.2.20:45490
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 196.50.102.25:23 -> 192.168.2.20:45490
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.132.62.173: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 117.146.29.109:23 -> 192.168.2.20:55290
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.75.171.11: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 80.143.233.138: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.5.216.38: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.77.185.155: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 31.150.35.80: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 77.64.175.79: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 208.184.23.126: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 142.234.144.228: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 183.250.83.191:23 -> 192.168.2.20:58992
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.96.182.117: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 47.40.163.248: -> 192.168.2.20:
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 124.217.164.38:23 -> 192.168.2.20:34118
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 124.217.164.38:23 -> 192.168.2.20:34118
Source: Traffic Snort IDS: 492 INFO TELNET login failed 200.69.55.42:23 -> 192.168.2.20:34070
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 185.119.72.212: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.182.96.94: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 85.10.97.64: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.224.211.191: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 80.112.150.36: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 80.143.54.145: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.195.27.230: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.51.99.231: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 12.248.110.34: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.73.212.118: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.217.51.72: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.215.46.130: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 46.223.210.3: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 80.147.45.219: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 154.95.58.166: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.235.119.103: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.186.131.41: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.132.173.155: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.74.210.208: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.194.9.36: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 4.4.89.110: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 163.197.245.173: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.50.148.90: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 45.11.207.54: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.119.243.77: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 195.14.136.136: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.64.150.246: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.207.192.249: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 94.114.192.126: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 77.1.210.208: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 12.87.118.17: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 104.237.152.230: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.74.177.3: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.218.9.79: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.10.145.26: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 183.250.83.191:23 -> 192.168.2.20:59058
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.185.118.53: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 85.183.140.98: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 139.180.188.198: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.230.214.220: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.45.51.254: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 46.94.189.20: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 192.210.200.34: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 104.217.92.195: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 62.93.6.227: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 24.134.148.253: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 217.87.18.220: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.19.120.19: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 81.217.97.217: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.78.144.92: -> 192.168.2.20:
Source: Traffic Snort IDS: 716 INFO TELNET access 114.199.40.246:23 -> 192.168.2.20:43944
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 221.151.198.177:23 -> 192.168.2.20:36048
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 221.151.198.177:23 -> 192.168.2.20:36048
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.132.70.130: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 83.162.154.49: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.243.178.15: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.122.78.117: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.152.253.188: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.128.34.158: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.70.123.78: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.233.201.79: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.214.184.103: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 108.186.79.168: -> 192.168.2.20:
Source: Traffic Snort IDS: 716 INFO TELNET access 119.206.34.52:23 -> 192.168.2.20:35156
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 196.50.102.25:23 -> 192.168.2.20:45570
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 196.50.102.25:23 -> 192.168.2.20:45570
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 23.235.128.77: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.133.16.3: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 175.29.129.64: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.203.195.4: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.225.251.164: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.144.46.97: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.200.81.194: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.11.49.237: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.14.22.120: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 183.250.83.191:23 -> 192.168.2.20:59092
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.0.57.83: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.4.129.178: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 81.150.161.110: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 185.4.94.50: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.78.247.53: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 151.26.123.147: -> 192.168.2.20:
Source: Traffic Snort IDS: 716 INFO TELNET access 185.251.219.95:23 -> 192.168.2.20:42328
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 108.170.27.139: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 2.200.88.179: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 185.78.173.159: -> 192.168.2.20:
Source: Traffic Snort IDS: 716 INFO TELNET access 114.199.40.246:23 -> 192.168.2.20:43998
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.248.183.70: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.218.85.50: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 78.49.151.201: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 5.231.173.165: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 64.125.80.49: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 117.146.29.109:23 -> 192.168.2.20:55414
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 31.150.70.20: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 82.161.223.213: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.193.23.188: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.197.239.171: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 174.62.94.32: -> 192.168.2.20:
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 114.199.40.246:23 -> 192.168.2.20:43944
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 114.199.40.246:23 -> 192.168.2.20:43944
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.97.174.204: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 31.150.70.1: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 94.223.103.171: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 45.200.22.204: -> 192.168.2.20:
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 119.206.34.52:23 -> 192.168.2.20:35156
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 119.206.34.52:23 -> 192.168.2.20:35156
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.226.251.49: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 78.54.205.108: -> 192.168.2.20:
Source: Traffic Snort IDS: 2023434 ET TROJAN Possible Linux.Mirai Login Attempt (7ujMko0vizxv) 192.168.2.20:40454 -> 80.74.242.118:23
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 218.248.111.21: -> 192.168.2.20:
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 124.217.164.38:23 -> 192.168.2.20:34232
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 124.217.164.38:23 -> 192.168.2.20:34232
Source: Traffic Snort IDS: 492 INFO TELNET login failed 183.250.83.191:23 -> 192.168.2.20:59178
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 85.222.209.168: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.69.150.166: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 93.224.224.169: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 141.195.63.241: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 149.87.18.64: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.138.112.103: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 185.215.224.30: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.123.161.241: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.214.60.11: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 160.121.124.4: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 77.120.0.199: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 182.248.223.254: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 79.252.202.158: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 2.202.56.223: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 136.144.253.18: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.57.91.59: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 45.205.48.36: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.22.62.72: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.244.126.193: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 172.121.122.79: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 154.208.4.10: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 118.23.11.10: -> 192.168.2.20:
Source: Traffic Snort IDS: 1251 INFO TELNET Bad Login 114.199.40.246:23 -> 192.168.2.20:43998
Source: Traffic Snort IDS: 718 INFO TELNET login incorrect 114.199.40.246:23 -> 192.168.2.20:43998
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.201.33.105: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 178.239.176.131: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 87.122.224.192: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 164.82.21.30: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 45.207.76.176: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.44.59.209: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 80.249.210.192: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 218.248.61.217: -> 192.168.2.20:
Source: Traffic Snort IDS: 716 INFO TELNET access 114.199.40.246:23 -> 192.168.2.20:44100
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 104.239.10.156: -> 192.168.2.20:
Source: Traffic Snort IDS: 492 INFO TELNET login failed 117.146.29.109:23 -> 192.168.2.20:55530
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 74.135.205.210: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 89.0.71.158: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.183.214.102: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 114.190.178.46: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 88.134.88.7: -> 192.168.2.20:
Source: Traffic Snort IDS: 716 INFO TELNET access 47.206.117.85:23 -> 192.168.2.20:48256
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.6.184.211: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 37.201.101.116: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 84.168.28.123: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 92.83.99.254: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 31.150.119.185: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 94.222.29.27: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 96.90.205.109: -> 192.168.2.20:
Source: Traffic Snort IDS: 486 ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited 154.88.48.96: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 2.204.158.120: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.98.49.17: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 188.99.24.52: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 178.189.154.187: -> 192.168.2.20:
Source: Traffic Snort IDS: 2023433 ET TROJAN Possible Linux.Mirai Login Attempt (7ujMko0admin) 192.168.2.20:40514 -> 80.74.242.118:23
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 43.224.110.89: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 45.200.55.97: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 91.58.134.32: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 46.80.79.137: -> 192.168.2.20:
Source: Traffic Snort IDS: 485 ICMP Destination Unreachable Communication Administratively Prohibited 77.74.100.162: -> 192.168.2.20:
Source: Traffic Snort IDS: 2023433 ET TROJAN Possible Linux.Mirai Login Attempt (7ujMko0admin) 192.168.2.20:49630 -> 39.129.245.254:23
Uses known network protocols on non-standard ports
Detected TCP or UDP traffic on non-standard ports
Source: global traffic TCP traffic: 192.168.2.20:35686 -> 37.230.137.227:1312
Sample listens on a socket
Source: /tmp/D1dU3jQ1II (PID: 4590) Socket: 0.0.0.0::0
Source: /tmp/D1dU3jQ1II (PID: 4594) Socket: 0.0.0.0::0
Source: /usr/sbin/sshd (PID: 4603) Socket: 0.0.0.0::22
Source: /usr/sbin/sshd (PID: 4603) Socket: [::]::22
Source: unknown TCP traffic detected without corresponding DNS query: 37.230.137.227
Source: D1dU3jQ1II String found in binary or memory: http://upx.sf.net

System Summary:

Sample contains only a LOAD segment without any section mappings
Source: LOAD without section mappings Program segment: 0x100000
Sample tries to kill a process (SIGKILL)
Source: /tmp/D1dU3jQ1II (PID: 4594) SIGKILL sent: pid: 1339, result: successful
Source: classification engine Classification label: mal72.troj.evad.lin@0/2@0/0

Data Obfuscation:

Sample is packed with UPX
Source: initial sample String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample String containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $

Persistence and Installation Behavior:

Enumerates processes within the "proc" file system

Hooking and other Techniques for Hiding and Protection:

Uses known network protocols on non-standard ports

Malware Analysis System Evasion:

Uses the "uname" system call to query kernel version information (possible evasion)
Source: /tmp/D1dU3jQ1II (PID: 4574) Queries kernel information via 'uname'