Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
cdn.krnl.place | 15.235.160.180 | |
k-storage.com | 104.21.3.196 | |
sslcom.repository.certum.pl | 23.43.165.169 | |
- TCP Requests
  - 192.168.56.103:49170 104.21.3.196:443 k-storage.com
  - 104.21.3.196:443 192.168.56.103:49172
  - 192.168.56.103:49162 15.235.160.180:443 cdn.krnl.place
  - 192.168.56.103:49163 15.235.160.180:443 cdn.krnl.place
  - 192.168.56.103:49164 15.235.160.180:443 cdn.krnl.place
  - 192.168.56.103:49165 15.235.160.180:443 cdn.krnl.place
  - 192.168.56.103:49166 15.235.160.180:443 cdn.krnl.place
  - 192.168.56.103:49167 15.235.160.180:443 cdn.krnl.place
  - 192.168.56.103:49168 15.235.160.180:443 cdn.krnl.place
  - 192.168.56.103:49185 23.43.165.169:80 sslcom.repository.certum.pl
- UDP Requests
  - 192.168.56.103:51935 164.124.101.2:53
  - 192.168.56.103:60117 164.124.101.2:53
  - 192.168.56.103:60880 164.124.101.2:53
  - 192.168.56.103:137 192.168.56.255:137
  - 192.168.56.103:138 192.168.56.255:138
  - 192.168.56.103:49152 239.255.255.250:3702
  - 192.168.56.103:51938 239.255.255.250:1900
  - 192.168.56.103:51940 239.255.255.250:3702
GET 200 https://k-storage.com/bootstrapperChecksum.txt
REQUEST
GET /bootstrapperChecksum.txt HTTP/1.1
User-Agent: krnl_bootstrapper - Krnl
Host: k-storage.com
Connection: Keep-Alive
RESPONSE
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 09:53:28 GMT
Content-Type: text/plain
Content-Length: 32
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:43:59 GMT
ETag: "6329d1af-20"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW5bQ3pudFlWLkXYPIKbktRNwVsV7BpCQOqv8rMOEqUvRF9PpmKZ7wLhVcrP3tPBO2aT4ya07oen0atz4smaziWYtZuXfN2BOLJK%2BJYF4Nycj%2BNB28jwEw4GJuXHW6PI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7502df7a2b318d28-KIX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET 200 https://k-storage.com/krnl_bootstrapper.exe
REQUEST
GET /krnl_bootstrapper.exe HTTP/1.1
Host: k-storage.com
RESPONSE
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 09:53:28 GMT
Content-Type: application/octet-stream
Content-Length: 1208752
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:43:40 GMT
ETag: "6329d19c-1271b0"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OASI8Le58Dgu1ne1ApGNtQevJeWCyPOb%2BceuKU2dhzhmb9tey0PCjikZIKEzp5YVJFMByrYb8Tt%2BPQZKQKPT37nu2x2aE8ld7eYBIFShLT6uauqsiVUVj6DPP7i5BMqq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7502df7b5d348d28-KIX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET 200 https://k-storage.com/bootstrapper/files/hashes.txt
REQUEST
GET /bootstrapper/files/hashes.txt HTTP/1.1
User-Agent: krnl_bootstrapper - Krnl
Host: k-storage.com
RESPONSE
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 09:53:30 GMT
Content-Type: text/plain
Content-Length: 426
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 19:18:43 GMT
ETag: "632e0693-1aa"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dc3WXGu1LTqPo32CVuzSU48D3XnvX0THyOozWXQ3ToD%2FGV6BtMIiHs8uqdgS9FNtTO5iuogrbMQpkh05bXqkwpEOWOvfzaxcU3ip5CvI7iMXqdeents6vU9CkkexyKPy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7502df81c84c8d28-KIX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET 0 https://k-storage.com/bootstrapper/files/krnlss.exe.config
REQUEST
GET /bootstrapper/files/krnlss.exe.config HTTP/1.1
User-Agent: krnl_bootstrapper - Krnl
Host: k-storage.com