NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 04:09
2.exe
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...

Latest News
09.22 02:09
넷앤드, 시스템 접근통제 및 계정관리 분...
09.22 02:09
FreeCAD is Near 1.0
09.22 02:09
토큰증권 플랫폼 펀블, ‘현대테라타워DM...
09.22 12:09
[PASCON 2024-리뷰] 굿모닝아이...
09.22 12:09
[PASCON 2024-강연] 박나룡 소...
09.22 12:09
2024-09-19 - File down...
09.22 11:09
The Surprising Effects...
09.22 10:09
두리코스 댕기머리, 중국인 300만 명이...
09.22 09:09
Announcing SecTemplate...
09.22 08:09
When Raw Network Socke...

NetWork | ZeroBOX

IP Address	Status	Action
151.101.40.209	Active	Moloch
164.124.101.2	Active	Moloch
185.199.110.133	Active	Moloch
185.232.14.169	Active	Moloch
185.222.58.83	Active	Moloch
20.200.245.247	Active	Moloch

Name	Response	Post-Analysis Lookup
repo1.maven.org	A 151.101.40.209 CNAME dualstack.sonatype.map.fastly.net	199.232.196.209
50kteam.dynamic-dns.net	A 185.222.58.83	185.222.58.83
github.com	A 20.200.245.247	20.200.245.247
objects.githubusercontent.com	A 185.199.109.133 A 185.199.111.133 A 185.199.110.133 A 185.199.108.133	185.199.109.133
wshsoft.company	A 185.232.14.169	185.232.14.169

TCP Requests

UDP Requests

GET 200 http://wshsoft.company/jv/jrex.zip

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

Flow	Issuer	Subject	Fingerprint
TLS 1.2 192.168.56.101:49171 185.199.110.133:443	C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1	C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=*.github.io	a1:46:14:c7:2a:1d:52:79:f6:aa:2b:b2:c5:0a:3b:d3:f5:02:06:75
TLS 1.2 192.168.56.101:49170 151.101.40.209:443	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2023 Q1	CN=repo1.maven.org	94:bc:2a:d0:1a:cf:41:94:d4:9a:de:44:ab:b4:42:39:8a:f6:bf:f3
TLS 1.2 192.168.56.101:49169 151.101.40.209:443	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2023 Q1	CN=repo1.maven.org	94:bc:2a:d0:1a:cf:41:94:d4:9a:de:44:ab:b4:42:39:8a:f6:bf:f3
TLS 1.2 192.168.56.101:49167 20.200.245.247:443	C=US, O=DigiCert Inc, CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1	C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=github.com	a3:b5:9e:5f:e8:84:ee:1f:34:d9:8e:ef:85:8e:3f:b6:62:ac:10:4a
TLS 1.2 192.168.56.101:49168 151.101.40.209:443	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2023 Q1	CN=repo1.maven.org	94:bc:2a:d0:1a:cf:41:94:d4:9a:de:44:ab:b4:42:39:8a:f6:bf:f3

Snort Alerts

No Snort Alerts