NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
l6E.exe
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...

Latest News
09.21 02:09
Google Faces EU Ultima...
09.21 02:09
This New Video Game Is...
09.21 02:09
FTC finds social media...
09.21 02:09
FTC finds social media...
09.21 01:09
Automate detection and...
09.21 01:09
Hackaday Podcast Episo...
09.21 01:09
The Russian Bot Army T...
09.21 01:09
Australia’s Labor Part...
09.21 12:09
Inviting the Public to...
09.21 12:09
How Ransomhub Ransomwa...

NetWork | ZeroBOX

IP Address	Status	Action
164.124.101.2	Active	Moloch
3.5.25.172	Active	Moloch

Name	Response	Post-Analysis Lookup
ascend.macronator.biz	CNAME s3-1-w.amazonaws.com A 52.217.195.57 A 3.5.29.79 CNAME s3-w.us-east-1.amazonaws.com A 3.5.8.150 A 54.231.128.105 A 52.217.76.196 CNAME ascend.macronator.biz.s3.amazonaws.com A 3.5.25.172 A 54.231.234.249 A 52.217.120.81	16.182.36.201

TCP Requests
- 192.168.56.101:49162 3.5.25.172:80
  ascend.macronator.biz

UDP Requests

GET 200 http://ascend.macronator.biz/bot/hash.crc

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow	SID	Signature	Category
UDP 192.168.56.101:59002 -> 164.124.101.2:53	2027863	ET INFO Observed DNS Query to .biz TLD	Potentially Bad Traffic

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts