NetWork | ZeroBOX

Name	Response	Post-Analysis Lookup
hata.co.za	A 154.0.162.214	154.0.162.214
jerenyankipong.duckdns.org	A 129.232.18.35	129.232.18.35

No ICMP traffic performed.

No IRC requests performed.

Flow	SID	Signature	Category
UDP 192.168.56.101:55871 -> 164.124.101.2:53	2022918	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain	Misc activity
TCP 154.0.162.214:80 -> 192.168.56.101:49175	2018959	ET POLICY PE EXE or DLL Windows file download HTTP	Potential Corporate Privacy Violation
TCP 154.0.162.214:80 -> 192.168.56.101:49175	2022053	ET MALWARE Likely Evil EXE download from MSXMLHTTP non-exe extension M2	A Network Trojan was detected

No Suricata TLS

No Snort Alerts