NetWork | ZeroBOX

Network Analysis

IP Address Status Action
104.21.46.148 Active Moloch
104.21.73.149 Active Moloch
108.170.12.50 Active Moloch
13.248.169.48 Active Moloch
13.56.33.8 Active Moloch
133.125.38.187 Active Moloch
145.239.5.159 Active Moloch
15.197.142.173 Active Moloch
153.120.34.73 Active Moloch
153.122.24.177 Active Moloch
153.126.211.112 Active Moloch
157.7.107.88 Active Moloch
172.67.135.11 Active Moloch
18.197.121.220 Active Moloch
185.151.30.147 Active Moloch
185.230.63.107 Active Moloch
192.124.249.12 Active Moloch
192.124.249.14 Active Moloch
192.124.249.9 Active Moloch
164.124.101.2 Active Moloch
194.169.175.43 Active Moloch
192.169.149.78 Active Moloch
194.143.194.23 Active Moloch
195.128.140.29 Active Moloch
195.5.116.23 Active Moloch
198.185.159.144 Active Moloch
198.185.159.145 Active Moloch
199.34.228.78 Active Moloch
204.15.134.44 Active Moloch
205.149.134.32 Active Moloch
207.180.198.201 Active Moloch
211.1.226.67 Active Moloch
216.177.137.32 Active Moloch
23.236.62.147 Active Moloch
3.33.130.190 Active Moloch
35.172.94.1 Active Moloch
35.214.171.193 Active Moloch
35.231.13.148 Active Moloch
49.12.155.123 Active Moloch
49.212.235.59 Active Moloch
5.134.13.210 Active Moloch
51.159.3.117 Active Moloch
61.200.81.21 Active Moloch
75.2.70.75 Active Moloch
77.78.104.3 Active Moloch
83.223.113.46 Active Moloch
86.105.245.69 Active Moloch
87.98.236.253 Active Moloch
89.161.136.188 Active Moloch
91.220.211.163 Active Moloch
92.42.191.40 Active Moloch
93.188.2.51 Active Moloch
99.83.190.102 Active Moloch
Name Response Post-Analysis Lookup
amm.mine.nu 194.169.175.43

No traffic

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow SID Signature Category
UDP 192.168.56.103:52760 -> 164.124.101.2:53 2042513 ET INFO DYNAMIC_DNS Query to a *.mine .nu Domain Potentially Bad Traffic
TCP 194.169.175.43:1335 -> 192.168.56.103:49168 2030673 ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server) Domain Observed Used for C2 Detected
TCP 194.169.175.43:1335 -> 192.168.56.103:49168 2035595 ET MALWARE Generic AsyncRAT Style SSL Cert Domain Observed Used for C2 Detected

Suricata TLS

Flow Issuer Subject Fingerprint
TLSv1 192.168.56.103:49168 -> 194.169.175.43:1335 CN=AsyncRAT Server CN=AsyncRAT Server c0:74:2f:cf:ac:08:26:95:4d:1f:b6:6f:1e:ab:22:b3:91:b1:75:90
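
The three Suricata hits in this report (the *.mine.nu lookup, the connection to the address it resolved to, and the self-signed "CN=AsyncRAT Server" certificate on that connection) are only useful as indicators once they are tied together and the durable one is kept. The Python below is an added example, not part of the ZeroBOX report or of Suricata: it reads constructed eve.json-style records built from the values shown on this page (the field names are an assumption modelled on Suricata's EVE output), links the DNS answer to the TLS flow and alerts on the resolved IP, and then matches fresh events against that pivot, checking the certificate fingerprint before the IP:port because a dynamic-DNS host changes address while a reused server certificate does not.

```python
"""Correlate sandbox DNS, TLS and alert events into a reusable C2 pivot.

Added example, not part of the ZeroBOX report or of Suricata. The records in
EVE_LINES are constructed from the values shown in this report; their field
names are an assumption modelled on Suricata's eve.json layout.
"""
import json

EVE_LINES = [
    # Dynamic-DNS lookup and answer (the flow behind the 2042513 alert).
    '{"event_type":"dns","src_ip":"192.168.56.103","src_port":52760,"dest_ip":"164.124.101.2",'
    '"dest_port":53,"proto":"UDP","dns":{"type":"query","rrname":"amm.mine.nu","rrtype":"A"}}',
    '{"event_type":"dns","src_ip":"164.124.101.2","src_port":53,"dest_ip":"192.168.56.103",'
    '"dest_port":52760,"proto":"UDP","dns":{"type":"answer","rrname":"amm.mine.nu","rrtype":"A",'
    '"rdata":"194.169.175.43"}}',
    '{"event_type":"alert","src_ip":"192.168.56.103","src_port":52760,"dest_ip":"164.124.101.2",'
    '"dest_port":53,"proto":"UDP","alert":{"signature_id":2042513,'
    '"signature":"ET INFO DYNAMIC_DNS Query to a *.mine .nu Domain","category":"Potentially Bad Traffic"}}',
    # TLS handshake to the resolved host; subject == issuer, i.e. self-signed.
    '{"event_type":"tls","src_ip":"192.168.56.103","src_port":49168,"dest_ip":"194.169.175.43",'
    '"dest_port":1335,"proto":"TCP","tls":{"version":"TLSv1","subject":"CN=AsyncRAT Server",'
    '"issuerdn":"CN=AsyncRAT Server",'
    '"fingerprint":"c0:74:2f:cf:ac:08:26:95:4d:1f:b6:6f:1e:ab:22:b3:91:b1:75:90"}}',
    '{"event_type":"alert","src_ip":"194.169.175.43","src_port":1335,"dest_ip":"192.168.56.103",'
    '"dest_port":49168,"proto":"TCP","alert":{"signature_id":2030673,'
    '"signature":"ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)",'
    '"category":"Domain Observed Used for C2 Detected"}}',
    '{"event_type":"alert","src_ip":"194.169.175.43","src_port":1335,"dest_ip":"192.168.56.103",'
    '"dest_port":49168,"proto":"TCP","alert":{"signature_id":2035595,'
    '"signature":"ET MALWARE Generic AsyncRAT Style SSL Cert",'
    '"category":"Domain Observed Used for C2 Detected"}}',
]


def load_events(lines):
    """Parse one JSON object per line, skipping blank lines."""
    return [json.loads(line) for line in lines if line.strip()]


def build_pivot(events):
    """Tie DNS answers to the TLS flows and alerts seen on the resolved IPs.

    Returns a dict with the domain->IP map, the ip:port endpoints that
    presented a certificate, the certificate fingerprints, the self-signed
    subjects, and the alert SIDs observed, so each can be reused as an IOC.
    """
    pivot = {"domains": {}, "c2_endpoints": set(), "cert_fingerprints": set(),
             "self_signed_subjects": set(), "alerts": {}}
    for ev in events:
        if ev["event_type"] == "dns":
            rec = ev["dns"]
            if rec.get("type") == "answer" and rec.get("rrtype") == "A":
                pivot["domains"].setdefault(rec["rrname"], set()).add(rec["rdata"])
    resolved = {ip for ips in pivot["domains"].values() for ip in ips}
    for ev in events:
        if ev["event_type"] == "tls" and ev["dest_ip"] in resolved:
            tls = ev["tls"]
            pivot["c2_endpoints"].add(f"{ev['dest_ip']}:{ev['dest_port']}")
            pivot["cert_fingerprints"].add(tls["fingerprint"].lower())
            # Self-signed: subject and issuer are the same DN.
            if tls.get("subject") and tls.get("subject") == tls.get("issuerdn"):
                pivot["self_signed_subjects"].add(tls["subject"])
        elif ev["event_type"] == "alert":
            pivot["alerts"][ev["alert"]["signature_id"]] = ev["alert"]["signature"]
    return pivot


def match_event(pivot, ev):
    """List which IOC types an event hits, most durable first.

    The certificate fingerprint survives IP and dynamic-DNS changes, so it is
    checked before the endpoint; a matching self-signed subject is weaker and
    is reported only when that subject was previously seen self-signed.
    """
    hits = []
    if ev["event_type"] == "tls":
        tls = ev["tls"]
        if tls.get("fingerprint", "").lower() in pivot["cert_fingerprints"]:
            hits.append("cert_fingerprint")
        if tls.get("subject") and tls.get("subject") == tls.get("issuerdn") \
                and tls["subject"] in pivot["self_signed_subjects"]:
            hits.append("self_signed_subject")
    if f"{ev.get('dest_ip')}:{ev.get('dest_port')}" in pivot["c2_endpoints"]:
        hits.append("c2_endpoint")
    if ev["event_type"] == "dns" and ev["dns"].get("rrname") in pivot["domains"]:
        hits.append("dyndns_domain")
    return hits


if __name__ == "__main__":
    pivot = build_pivot(load_events(EVE_LINES))
    for key, value in pivot.items():
        print(f"{key}: {value}")
```

Run it against a real eve.json by replacing EVE_LINES with the file's lines; the pivot's cert_fingerprints set is the indicator worth keeping from this report, since the sandbox already shows the dynamic-DNS name pointing at a single address that the operator can move at will.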

Snort Alerts

No Snort Alerts