NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.20 09:11
mainbas.bat
11.20 09:11
dll007.dll
11.20 09:11
exe004.exe
11.20 09:11
exe010.exe
11.20 09:11
blecher.exe
11.20 09:11
GetAdapterInfo.exe
11.20 09:11
dll004.dll
11.20 09:11
dll008.dll
11.20 09:11
bestthingsalwaysgetbes...
11.20 09:11
DKM-9067291.pdf.lnk

Latest News
11.20 09:11
China Mobile Discusses...
11.20 09:11
인사이터, '2024 테스트베드 서울 실...
11.20 09:11
와이스, 토스페이먼츠 퀵계좌이체 서비스 ...
11.20 09:11
맞춤정장 브랜드 아틀레 부산점, 전문 테...
11.20 09:11
한국장학진흥원, 캘리그라피·정리수납전문가...
11.20 09:11
[사전규격공개] 해외 인터넷 정보보호 법...
11.20 09:11
2025년 정보보호 클러스터 운영관리 용역
11.20 09:11
IT Sicherheitsnews stü...
11.20 09:11
IT Sicherheitsnews tae...
11.20 09:11
한국능률교육평가원, 아이돌봄·노인돌봄 방...

NetWork | ZeroBOX

IP Address	Status	Action
103.132.242.26	Active	Moloch
104.168.155.143	Active	Moloch
164.124.101.2	Active	Moloch
164.90.222.65	Active	Moloch
167.172.199.165	Active	Moloch
182.162.143.56	Active	Moloch
183.111.227.137	Active	Moloch
187.63.160.88	Active	Moloch
66.228.32.31	Active	Moloch
72.15.201.15	Active	Moloch
91.121.146.47	Active	Moloch
91.207.28.33	Active	Moloch

Name	Response	Post-Analysis Lookup
No hosts contacted.

TCP Requests

UDP Requests

No traffic

ICMP traffic

Source	Destination	ICMP Type	Data
103.132.242.26	192.168.56.102	3
103.132.242.26	192.168.56.102	3

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow	SID	Signature	Category
TCP 192.168.56.102:49187 -> 187.63.160.88:80	2404307	ET CNC Feodo Tracker Reported CnC Server group 8	A Network Trojan was detected
TCP 66.228.32.31:7080 -> 192.168.56.102:49184	2029340	ET INFO TLS Handshake Failure	Potentially Bad Traffic
TCP 187.63.160.88:80 -> 192.168.56.102:49188	2029340	ET INFO TLS Handshake Failure	Potentially Bad Traffic
TCP 192.168.56.102:49189 -> 167.172.199.165:8080	2404304	ET CNC Feodo Tracker Reported CnC Server group 5	A Network Trojan was detected
TCP 192.168.56.102:49185 -> 182.162.143.56:443	2404306	ET CNC Feodo Tracker Reported CnC Server group 7	A Network Trojan was detected
TCP 167.172.199.165:8080 -> 192.168.56.102:49190	2029340	ET INFO TLS Handshake Failure	Potentially Bad Traffic
TCP 182.162.143.56:443 -> 192.168.56.102:49186	2029340	ET INFO TLS Handshake Failure	Potentially Bad Traffic
TCP 192.168.56.102:49192 -> 104.168.155.143:8080	2404300	ET CNC Feodo Tracker Reported CnC Server group 1	A Network Trojan was detected
TCP 91.121.146.47:8080 -> 192.168.56.102:49182	2029340	ET INFO TLS Handshake Failure	Potentially Bad Traffic

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts