popup
NetWork | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Network Analysis

Download pcap
Hosts 4 DNS 1 TCP 3 UDP 4 HTTP(S) 1 ICMP 0 IRC 0 Suricata Snort
IP Address Status Action
164.124.101.2 Active Moloch
185.22.155.64 Active Moloch
35.244.181.201 Active Moloch
99.86.144.82 Active Moloch
Name Response Post-Analysis Lookup
antimalwarebyte.xyz
A 185.22.155.64
185.22.155.64
POST 200 http://antimalwarebyte.xyz/collect.php
REQUEST
RESPONSE
BODY 

            

        


    



        
	




                            
ICMP traffic



No ICMP traffic performed.



                            
IRC traffic



No IRC requests performed.



                            
Suricata Alerts


    

        

            Flow
            SID
            Signature
            Category
        

        
        

            
                TCP
                192.168.56.102:49321 ->
                185.22.155.64:80
            
            2027108
            ET HUNTING Suspicious Zipped Filename in Outbound POST Request (screenshot.) M2
            A Network Trojan was detected
        

        
    




Suricata TLS


    
No Suricata TLS




                            
Snort Alerts


    
No Snort Alerts