Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 2, 2021, 6:10 p.m. | July 2, 2021, 6:13 p.m. |
- java.exe "C:\Program Files\Java\jre7\bin\java.exe" -jar C:\Users\test22\AppData\Local\Temp\InvoiceP038455.jar 8452
Name | Response | Post-Analysis Lookup |
---|---|---|
d2js2viceajwla.cloudfront.net | AAAA 2600:9000:2139:e400:11:6feb:6f80:93a1, AAAA 2600:9000:2139:f200:11:6feb:6f80:93a1, AAAA 2600:9000:2139:9a00:11:6feb:6f80:93a1, AAAA 2600:9000:2139:e600:11:6feb:6f80:93a1, AAAA 2600:9000:2139:6000:11:6feb:6f80:93a1, AAAA 2600:9000:2139:7200:11:6feb:6f80:93a1, AAAA 2600:9000:2139:3000:11:6feb:6f80:93a1, AAAA 2600:9000:2139:1c00:11:6feb:6f80:93a1 | 54.230.62.19 |
aus.thunderbird.net | 54.230.62.19 | |
prod.balrog.prod.cloudops.mozgcp.net | 35.244.181.201 | |
d2js2viceajwla.cloudfront.net | 54.230.62.19 | |
aus5.mozilla.org | 35.244.181.201 | |
prod.balrog.prod.cloudops.mozgcp.net | 35.244.181.201 |
Suricata Alerts
No Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLS 1.2 192.168.56.102:49322 99.86.202.125:443 | C=US, O=Let's Encrypt, CN=R3 | CN=thunderbird.net | dd:92:a0:f3:c5:f2:3a:c7:42:66:30:75:8a:b3:b3:03:6b:8c:df:9d |
TLS 1.2 192.168.56.102:49323 35.244.181.201:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=California, L=Mountain View, O=Mozilla Corporation, CN=aus5.mozilla.org | 37:1a:8a:6e:ae:e7:b7:ae:1f:a9:c0:87:53:e5:a0:94:ef:0b:de:0c |
host | 99.86.144.100 |
host | 99.86.144.46 |
host | 99.86.144.61 |
host | 99.86.144.82 |
count | name | process | total_mb | length | protection |
---|---|---|---|---|---|
3512 | heapspray | java.exe | 878 | 262144 | PAGE_READWRITE |