Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
www.securityresearch.ca | CNAME securityresearch.ca | 64.235.108.186 |
UDP Requests
- 192.168.56.103:53893 164.124.101.2:53
- 192.168.56.103:137 192.168.56.255:137
- 192.168.56.103:138 192.168.56.255:138
- 192.168.56.103:49152 239.255.255.250:3702
- 192.168.56.103:49168 239.255.255.250:1900
- 192.168.56.103:49170 239.255.255.250:3702
- 192.168.56.103:49172 239.255.255.250:3702
- 192.168.56.103:49174 239.255.255.250:3702
HTTP Requests
GET 200 http://www.securityresearch.ca/infected/8K3F19/ServiceUpdater.exe
REQUEST
GET /infected/8K3F19/ServiceUpdater.exe HTTP/1.1
Host: www.securityresearch.ca
Connection: close
RESPONSE
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 18 Aug 2021 00:40:48 GMT
Content-Type: application/x-msdos-program
Content-Length: 224
Connection: close
Last-Modified: Sat, 04 Jan 2020 14:24:31 GMT
ETag: "e0-59b512f42e5f3"
Accept-Ranges: bytes
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts