Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
180.ip.ply.gg | 209.25.142.180 |
GET http://44.203.122.41/Obexe.ps1 (200)

REQUEST
GET /Obexe.ps1 HTTP/1.1
Host: 44.203.122.41
Connection: Keep-Alive

RESPONSE
HTTP/1.1 200 OK
Date: Mon, 18 Sep 2023 00:39:48 GMT
Server: Apache/2.4.55 (Win64) OpenSSL/1.1.1s
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 13 Aug 2023 18:01:08 GMT
ETag: "23bd8-602d1baf0bd25"
Accept-Ranges: bytes
Content-Length: 146392
Keep-Alive: timeout=5, max=100

GET http://44.203.122.41/mini.ps1 (200)

REQUEST
GET /mini.ps1 HTTP/1.1
Host: 44.203.122.41

RESPONSE
HTTP/1.1 200 OK
Date: Mon, 18 Sep 2023 00:39:49 GMT
Server: Apache/2.4.55 (Win64) OpenSSL/1.1.1s
Last-Modified: Mon, 24 Jul 2023 13:07:36 GMT
ETag: "264-6013b4c607aeb"
Accept-Ranges: bytes
Content-Length: 612

GET http://44.203.122.41/Night_uac/down.ps1 (200)

REQUEST
GET /Night_uac/down.ps1 HTTP/1.1
Host: 44.203.122.41

RESPONSE
HTTP/1.1 200 OK
Date: Mon, 18 Sep 2023 00:40:04 GMT
Server: Apache/2.4.55 (Win64) OpenSSL/1.1.1s
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sat, 15 Jul 2023 19:24:46 GMT
ETag: "115-6008b84a5468b"
Accept-Ranges: bytes
Content-Length: 277

GET http://44.203.122.41/winlogin.exe (200)

REQUEST
GET /winlogin.exe HTTP/1.1
Host: 44.203.122.41

RESPONSE
HTTP/1.1 200 OK
Date: Mon, 18 Sep 2023 00:40:04 GMT
Server: Apache/2.4.55 (Win64) OpenSSL/1.1.1s
Last-Modified: Sat, 24 Jun 2023 21:27:57 GMT
ETag: "a000-5fee6ca8c410c"
Accept-Ranges: bytes
Content-Length: 40960
Content-Type: application/x-msdownload

ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts