Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
apcweb.com.ar | 192.185.112.177 |
GET http://apcweb.com.ar/wpx.exe (404)

REQUEST
GET /wpx.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0
Host: apcweb.com.ar
Connection: Keep-Alive

RESPONSE
HTTP/1.1 404 Not Found
Date: Thu, 23 Dec 2021 02:14:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 24 Feb 2020 21:48:04 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=75
Content-Type: text/html

ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49167 -> 192.185.112.177:80 | 2019714 | ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts