NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.13 11:11
Charter to Buy Liberty...
11.13 10:11
Understanding and Iden...
11.13 10:11
Using Bitsight Cyberse...
11.13 10:11
Avoid the URL Phishing...
11.13 10:11
Microsoft 365: Guide T...
11.13 10:11
Accel Leads $145 Milli...
11.13 10:11
Super Micro Delays Ano...
11.13 10:11
Study Reveals Security...
11.13 10:11
Microsoft’s November 2...
11.13 10:11
Microsoft Patchday Nov...

NetWork | ZeroBOX

IP Address	Status	Action
151.101.40.209	Active	Moloch
164.124.101.2	Active	Moloch
185.199.110.133	Active	Moloch
185.232.14.169	Active	Moloch
185.222.58.83	Active	Moloch
20.200.245.247	Active	Moloch

Name	Response	Post-Analysis Lookup
repo1.maven.org	A 151.101.40.209 CNAME dualstack.sonatype.map.fastly.net	199.232.196.209
50kteam.dynamic-dns.net	A 185.222.58.83	185.222.58.83
github.com	A 20.200.245.247	20.200.245.247
objects.githubusercontent.com	A 185.199.109.133 A 185.199.111.133 A 185.199.110.133 A 185.199.108.133	185.199.109.133
wshsoft.company	A 185.232.14.169	185.232.14.169

TCP Requests

UDP Requests

GET 200 http://wshsoft.company/jv/jrex.zip

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

Flow	Issuer	Subject	Fingerprint
TLS 1.2 192.168.56.101:49171 185.199.110.133:443	C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1	C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=*.github.io	a1:46:14:c7:2a:1d:52:79:f6:aa:2b:b2:c5:0a:3b:d3:f5:02:06:75
TLS 1.2 192.168.56.101:49170 151.101.40.209:443	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2023 Q1	CN=repo1.maven.org	94:bc:2a:d0:1a:cf:41:94:d4:9a:de:44:ab:b4:42:39:8a:f6:bf:f3
TLS 1.2 192.168.56.101:49169 151.101.40.209:443	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2023 Q1	CN=repo1.maven.org	94:bc:2a:d0:1a:cf:41:94:d4:9a:de:44:ab:b4:42:39:8a:f6:bf:f3
TLS 1.2 192.168.56.101:49167 20.200.245.247:443	C=US, O=DigiCert Inc, CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1	C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=github.com	a3:b5:9e:5f:e8:84:ee:1f:34:d9:8e:ef:85:8e:3f:b6:62:ac:10:4a
TLS 1.2 192.168.56.101:49168 151.101.40.209:443	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2023 Q1	CN=repo1.maven.org	94:bc:2a:d0:1a:cf:41:94:d4:9a:de:44:ab:b4:42:39:8a:f6:bf:f3

Snort Alerts

No Snort Alerts