NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
01.18 04:01
svc.exe
01.18 04:01
RemittanceForms.exe
01.18 04:01
Aristois-Free.jar
01.18 10:01
setup641.msi
01.18 10:01
Needle_Setup.exe
01.18 10:01
8734_5737.exe
01.18 10:01
CondoGenerator.exe
01.18 10:01
QGFQTHIU.exe
01.18 10:01
4909_7122.exe
01.18 10:01
Updater.exe

Latest News
01.19 07:01
Star Blizzard: Russisc...
01.19 07:01
Ingenieur baut KI-Waff...
01.19 07:01
Apple Intelligence: Ei...
01.19 06:01
Decoding the flag by m...
01.19 06:01
Investigating USB-to-E...
01.19 05:01
Perplexity Submits Bid...
01.19 05:01
Javice Says Ex-Colleag...
01.19 03:01
Putting Cheap Motorcyc...
01.19 03:01
Trump Will ‘Most Likel...
01.19 01:01
DOJ confirms arrested ...

NetWork | ZeroBOX

IP Address	Status	Action
45.77.76.224	Active	Moloch

Name	Response	Post-Analysis Lookup
No hosts contacted.

TCP Requests

UDP Requests

POST 200 http://45.77.76.224/~clinics/?check

POST 200 http://45.77.76.224/~clinics/?check

POST 200 http://45.77.76.224/~clinics/?check

POST 200 http://45.77.76.224/~clinics/?check

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow	SID	Signature	Category
TCP 192.168.56.101:49165 -> 45.77.76.224:80	2021641	ET MALWARE LokiBot User-Agent (Charon/Inferno)	A Network Trojan was detected
TCP 192.168.56.101:49166 -> 45.77.76.224:80	2021641	ET MALWARE LokiBot User-Agent (Charon/Inferno)	A Network Trojan was detected
TCP 192.168.56.101:49169 -> 45.77.76.224:80	2021641	ET MALWARE LokiBot User-Agent (Charon/Inferno)	A Network Trojan was detected
TCP 192.168.56.101:49167 -> 45.77.76.224:80	2021641	ET MALWARE LokiBot User-Agent (Charon/Inferno)	A Network Trojan was detected
TCP 192.168.56.101:49165 -> 45.77.76.224:80	2024312	ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1	A Network Trojan was detected
TCP 192.168.56.101:49166 -> 45.77.76.224:80	2024312	ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1	A Network Trojan was detected
TCP 192.168.56.101:49165 -> 45.77.76.224:80	2024317	ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2	A Network Trojan was detected
TCP 192.168.56.101:49169 -> 45.77.76.224:80	2024313	ET MALWARE LokiBot Request for C2 Commands Detected M1	Malware Command and Control Activity Detected
TCP 192.168.56.101:49166 -> 45.77.76.224:80	2024317	ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2	A Network Trojan was detected
TCP 192.168.56.101:49167 -> 45.77.76.224:80	2024313	ET MALWARE LokiBot Request for C2 Commands Detected M1	Malware Command and Control Activity Detected
TCP 192.168.56.101:49169 -> 45.77.76.224:80	2024318	ET MALWARE LokiBot Request for C2 Commands Detected M2	Malware Command and Control Activity Detected
TCP 192.168.56.101:49167 -> 45.77.76.224:80	2024318	ET MALWARE LokiBot Request for C2 Commands Detected M2	Malware Command and Control Activity Detected

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts